import jwt from 'jsonwebtoken'

export const generateTokenAndSetCookie = (userId, res) => {
    const token = jwt.sign({
        userId
    }, process.env.JWT_SECRET, {
        // TODO: config me, 15 days now
        expiresIn: '15d'
    })

    res.cookie("jwt", token, {
        maxAge: 15*24*60*60*1000, //MS
        httpOnly: true, // prevent XSS attacks cross-site scriptinh attacks
        sameSite: "strict", // CSRF attacks cross-site request forgery attacks
        secure: process.env.NODE_ENV !== "development",
    })
    
}